As highly skilled professionals with years of experience under our belts we know that there is a gap between academic knowledge of threat modeling and the real world.
To minimize that gap we have developed a 2-day course with practical use cases, based on real world projects. Each use case includes a description of the environment, together with questions and templates to build a threat model. Students will be challenged in groups of 3 to 4 people to perform the different stages of threat modeling on the following:
- B2B web and mobile applications, sharing the same REST backend
- An Internet of Things (IoT) deployment with an on-premise gateway and a cloud-based update service
- OAuth scenarios for an HR application
- Privacy of a new face recognition system in an airport
After each hands-on workshop, the results are discussed, and students receive a documented solution. Based on our successful trainings in the last years, we released this advanced threat modeling training at Black Hat USA 2019.
This course is aimed at software developers, architects, system managers or security professionals. Before attending this course, students should be familiar with basic knowledge of web and mobile Applications, databases & Single sign on (SSO) principles. The students should bring their own laptop to the course.
This course is powered and delivered by the experts of Toreon